[ostree] pull: get rid of detached metadata for deltas
- From: Giuseppe Scrivano <gscrivano src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [ostree] pull: get rid of detached metadata for deltas
- Date: Thu, 7 May 2015 20:02:05 +0000 (UTC)
commit 94360d3d1cfc4969d086ae1e84e885fd9b299883
Author: Giuseppe Scrivano <gscrivan redhat com>
Date: Tue Apr 28 18:47:21 2015 +0200
pull: get rid of detached metadata for deltas
Once the summary file will be signed, we can validate the superblock
from there.
Signed-off-by: Giuseppe Scrivano <gscrivan redhat com>
doc/ostree-static-delta.xml | 16 --------
src/libostree/ostree-repo-pull.c | 48 --------------------------
src/libostree/ostree-repo.c | 63 +++-------------------------------
src/ostree/ot-builtin-static-delta.c | 21 -----------
4 files changed, 5 insertions(+), 143 deletions(-)
---
diff --git a/doc/ostree-static-delta.xml b/doc/ostree-static-delta.xml
index 1373089..d410a2d 100644
--- a/doc/ostree-static-delta.xml
+++ b/doc/ostree-static-delta.xml
@@ -96,22 +96,6 @@ Boston, MA 02111-1307, USA.
</varlistentry>
<varlistentry>
- <term><option>--gpg-sign</option>=KEYID</term>
-
- <listitem><para>
- GPG Key ID to sign the delta with.
- </para></listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--gpg-homedir</option>=HOMEDIR</term>
-
- <listitem><para>
- GPG Homedir to use when looking for keyrings.
- </para></listitem>
- </varlistentry>
-
- <varlistentry>
<term><option>--max-usize</option>=SIZE</term>
<listitem><para>
diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index bb48186..2995cb2 100644
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -1303,44 +1303,6 @@ load_remote_repo_config (OtPullData *pull_data,
}
static gboolean
-fetch_metadata_to_verify_delta_superblock (OtPullData *pull_data,
- const char *from_revision,
- const char *checksum,
- GBytes *superblock_data,
- GCancellable *cancellable,
- GError **error)
-{
- gboolean ret = FALSE;
- g_autofree char *meta_path = _ostree_get_relative_static_delta_detachedmeta_path (from_revision, checksum);
- g_autoptr(GBytes) detached_meta_data = NULL;
- SoupURI *target_uri = NULL;
- g_autoptr(GVariant) metadata = NULL;
-
- target_uri = suburi_new (pull_data->base_uri, meta_path, NULL);
-
- if (!fetch_uri_contents_membuf_sync (pull_data, target_uri, FALSE, FALSE,
- &detached_meta_data,
- pull_data->cancellable, error))
- {
- g_prefix_error (error, "GPG verification enabled, but failed to fetch metadata: ");
- goto out;
- }
-
- metadata = g_variant_new_from_bytes (G_VARIANT_TYPE ("a{sv}"),
- detached_meta_data,
- FALSE);
-
- if (!_ostree_repo_gpg_verify_with_metadata (pull_data->repo, superblock_data,
- metadata, NULL, NULL,
- cancellable, error))
- goto out;
-
- ret = TRUE;
- out:
- return ret;
-}
-
-static gboolean
request_static_delta_superblock_sync (OtPullData *pull_data,
const char *from_revision,
const char *to_revision,
@@ -1366,16 +1328,6 @@ request_static_delta_superblock_sync (OtPullData *pull_data,
if (delta_superblock_data)
{
- if (pull_data->gpg_verify)
- {
- if (!fetch_metadata_to_verify_delta_superblock (pull_data,
- from_revision,
- to_revision,
- delta_superblock_data,
- pull_data->cancellable, error))
- goto out;
- }
-
{
gs_free gchar *delta = NULL;
gs_free guchar *ret_csum = NULL;
diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
index 3e0a3d8..0346a3d 100644
--- a/src/libostree/ostree-repo.c
+++ b/src/libostree/ostree-repo.c
@@ -3329,6 +3329,7 @@ out:
* @cancellable: A #GCancellable
* @error: a #GError
*
+ * This function is deprecated, sign the summary file instead.
* Add a GPG signature to a static delta.
*/
gboolean
@@ -3339,66 +3340,12 @@ ostree_repo_sign_delta (OstreeRepo *self,
const gchar *homedir,
GCancellable *cancellable,
GError **error)
-{
- gboolean ret = FALSE;
- g_autoptr(GBytes) delta_data = NULL;
- g_autoptr(GBytes) signature_data = NULL;
- g_autoptr(GVariant) commit_variant = NULL;
- g_autofree char *delta_path = NULL;
- g_autoptr(GFile) delta_file = NULL;
- g_autofree char *detached_metadata_relpath = NULL;
- g_autoptr(GFile) detached_metadata_path = NULL;
- g_autoptr(GVariant) existing_detached_metadata = NULL;
- g_autoptr(GVariant) normalized = NULL;
- g_autoptr(GVariant) new_metadata = NULL;
- GError *temp_error = NULL;
-
- detached_metadata_relpath =
- _ostree_get_relative_static_delta_detachedmeta_path (from_commit, to_commit);
- detached_metadata_path = g_file_resolve_relative_path (self->repodir, detached_metadata_relpath);
-
- delta_path = _ostree_get_relative_static_delta_superblock_path (from_commit, to_commit);
- delta_file = g_file_resolve_relative_path (self->repodir, delta_path);
- delta_data = gs_file_map_readonly (delta_file, cancellable, error);
- if (!delta_data)
- goto out;
-
- if (!ot_util_variant_map (detached_metadata_path, G_VARIANT_TYPE ("a{sv}"),
- TRUE, &existing_detached_metadata, &temp_error))
- {
- if (g_error_matches (temp_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
- {
- g_clear_error (&temp_error);
- }
- else
- {
- g_propagate_error (error, temp_error);
- goto out;
- }
- }
-
- if (!sign_data (self, delta_data, key_id, homedir,
- &signature_data,
- cancellable, error))
- goto out;
-
- new_metadata = _ostree_detached_metadata_append_gpg_sig (existing_detached_metadata, signature_data);
-
- normalized = g_variant_get_normal_form (new_metadata);
-
- if (!g_file_replace_contents (detached_metadata_path,
- g_variant_get_data (normalized),
- g_variant_get_size (normalized),
- NULL, FALSE, 0, NULL,
- cancellable, error))
- goto out;
-
- ret = TRUE;
- out:
- return ret;
+{ g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED,
+ "ostree_repo_sign_delta is deprecated");
+ return FALSE;
}
-OstreeGpgVerifyResult *
+ OstreeGpgVerifyResult *
_ostree_repo_gpg_verify_with_metadata (OstreeRepo *self,
GBytes *signed_data,
GVariant *metadata,
diff --git a/src/ostree/ot-builtin-static-delta.c b/src/ostree/ot-builtin-static-delta.c
index a136a00..04aab0b 100644
--- a/src/ostree/ot-builtin-static-delta.c
+++ b/src/ostree/ot-builtin-static-delta.c
@@ -28,8 +28,6 @@
static char *opt_from_rev;
static char *opt_to_rev;
-static char **opt_key_ids;
-static char *opt_gpg_homedir;
static char *opt_min_fallback_size;
static char *opt_max_chunk_size;
static gboolean opt_empty;
@@ -56,8 +54,6 @@ static GOptionEntry generate_options[] = {
{ "empty", 0, 0, G_OPTION_ARG_NONE, &opt_empty, "Create delta from scratch", NULL },
{ "to", 0, 0, G_OPTION_ARG_STRING, &opt_to_rev, "Create delta to revision REV", "REV" },
{ "disable-bsdiff", 0, 0, G_OPTION_ARG_NONE, &opt_disable_bsdiff, "Disable use of bsdiff", NULL },
- { "gpg-sign", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_key_ids, "GPG Key ID to sign the delta with",
"key-id"},
- { "gpg-homedir", 0, 0, G_OPTION_ARG_STRING, &opt_gpg_homedir, "GPG Homedir to use when looking for
keyrings", "homedir"},
{ "min-fallback-size", 0, 0, G_OPTION_ARG_STRING, &opt_min_fallback_size, "Minimum uncompressed size in
megabytes for individual HTTP request", NULL},
{ "max-chunk-size", 0, 0, G_OPTION_ARG_STRING, &opt_max_chunk_size, "Maximum size of delta chunks in
megabytes", NULL},
{ NULL }
@@ -212,23 +208,6 @@ ot_static_delta_builtin_generate (int argc, char **argv, GCancellable *cancellab
cancellable, error))
goto out;
- if (opt_key_ids)
- {
- char **iter;
-
- for (iter = opt_key_ids; iter && *iter; iter++)
- {
- const char *keyid = *iter;
-
- if (!ostree_repo_sign_delta (repo,
- from_resolved, to_resolved,
- keyid,
- opt_gpg_homedir,
- cancellable,
- error))
- goto out;
- }
- }
}
ret = TRUE;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
